Company InformationCorporate Governance

Corporate GovernanceInformation Security Policy

As a company deeply involved with the public interest and safety, we accumulate information resources with a high degree of confidentiality during the course of conducting our business activities. We shall manage our business activities on an ongoing basis in a stable manner, ensuring information resources are maintained in a safe and secure manner, and endeavor to efficiently use and manage this information appropriately in accordance with importance, while endeavoring to be worthy of the public trust placed in us.

Bearing the above in mind, we have established these fundamental policies, information handling and management policies, information system handling and management policies, as well as related policies and procedures, as our information security policies, and declare that the following actions are to be implemented and promoted:

Safety Measures

1. During the course of conducting business and handling customer and other information resources, we shall do all in our power to maintain the security of those information resources so as not to lose, destroy, corrupt, inappropriately modify or access, misappropriate or leak information, while taking adequate precautions to avoid such risk. These measures shall have the highest priority.

Controls/Checks and Balances

2. To assure the appropriate use and safety of information resources, we shall establish an internal Information Management and Information Security Division to be staffed with responsible managers at all levels and from all divisions of the company to serve as administrators and to assure the safety and appropriate management and use of information throughout the company.

Social Order

3. To maintain order and discipline on the Internet, we shall take appropriate measures to prevent inappropriate access and viruses, and otherwise endeavor to insure the safety and sound development of our systems, applications and services.

Respect for the Law

5. All employees shall respect, obey and follow all policies and procedures outlined in the company's information management policies, all laws and ordinances relating to information management, information management provisions in agreements with customers, all related laws, ordinances and regulations, and otherwise endeavor to protect the security of information resources entrusted to the company.

Ongoing Information Protection

6. Risks posed to information resources shall be constantly evaluated from all angles and take into consideration advances in technology, changes in the business environment and other factors. New risks shall be addressed as they occur in information security policies and procedures so as to maintain the security of information at all times.

Audits

7. To assure the highest degree of information security and that all policies and procedures in place are functioning properly, the Internal Audit Office shall be tasked with conducting periodic information management audits, and making the appropriate recommendations for improvement in information handling and management policies and procedures.